Slashdot Mirror
US Nuclear Missile Silos Use Safe, Secure 8" Floppy Disks
Hugh Pickens DOT Com (2995471) writes "Sean Gallagher writes that the government built facilities for the Minuteman missiles in the 1960s and 1970s and although the missiles have been upgraded numerous times to make them safer and more reliable, the bases themselves haven't changed much and there isn't a lot of incentive to upgrade them. ICBM forces commander Maj. Gen. Jack Weinstein told Leslie Stahl from "60 Minutes" that the bases have extremely tight IT and cyber security, because they're not Internet-connected and they use such old hardware and software. "A few years ago we did a complete analysis of our entire network," says Weinstein. "Cyber engineers found out that the system is extremely safe and extremely secure in the way it's developed." While on the base, missileers showed Stahl the 8-inch floppy disks, marked "Top Secret," which is used with the computer that handles what was once called the Strategic Air Command Digital Network (SACDIN), a communication system that delivers launch commands to US missile forces. Later, in an interview with Weinstein, Stahl described the disk she was shown as "gigantic," and said she had never seen one that big. Weinstein explained, "Those older systems provide us some, I will say, huge safety, when it comes to some cyber issues that we currently have in the world.""
"I've never seen a floppy that big!"
"Wait til you see it spinning."
They say 8", but their wives privately shared that they were only 6" on a good day.
"Uh... phrasing."
Koans and fables for the software engineer
Those older systems provide us some, I will say, huge safety, when it comes to some cyber issues that we currently have in the world.
No, they don't. Claiming obsolete hardware and software is more secure is just a thinly veiled security through obscurity claim. There are other claims here; the machines are airgapped, and I suspect that the physical site security is pretty good; but the use of old software and hardware adds nothing at all to that.
Instead of "Security through obscurity", we now have "Security though obsolescence."
The silo wins the security battle through two things:
1) Physical security
2) Not being on the Internet
Yes, it's old stuff. Who cares? Nobody can touch it, and it's not on the global network. Not much else is required.
I see no downside to this. There's no reason for our nuclear silos to be networked or to run modern hardware. If it works, don't fix it.
Related: anyone remember in the pilot of the Battlestar Galactica remake how they explained that the reason there was all that old tech (phones with cords, manual doors) aboard a starship made with technology hundreds of years superior to our own was that they designed it that way on purpose to prevent hacking? Kinda makes you wonder--if there's actually a cyber warfare component to the next major conflict, will the military tech that's developed afterwards end up resembling 1970s (or earlier) era hardware more so than the "futuristic" tech you see in most modern SF?
That's why I always surf on my C64. If floppies are safe, I must be invunerable with my tapes.
Not so much. This is actually more along the lines of "If it aint broken, don't fix it".
Some systems are so deeply entrenched that replacing them often becomes a nightmare and you are not necessarily gauranteed with a more stable, robust replacement system.
Even though some of these systems are old, they are often very very stable.
IBM PC architecture never used the 8" FDD to my knowledge.
I seem to remember those 8" drives on old DEC equipment - VAX minicomps and the like.
Loving the sarcasm, but seriously, these antiquated systems are probably a lot more secure than many modern systems. After all, it's next-to-impossible to hack one of these missile control systems if they're not connected to the internet and code must be loaded on 70's era floppy disks (which are next-to-impossible for Joe Bloggs to get hold of)
Sure, it's terrible energy-inefficient, and the support costs must be through the roof, but i'm more comfortable knowing that the missile control systems are running on pre-internet (and even ARPANET?) systems. It means the many enemies of the US cannot just hack into the missile control systems and start armageddon. No internet, no hacking, no problem.
If you gave me a choice between a printer and a giraffe with explosive diarrhoea, i'll get my ladder and my raincoat
Yes, there are. I have one, and a Catweasel controller that can read and write basically any format on it.
The 8 inch standard format is very similar to the 1.2MB 5.25 inch format. Actually, it's the other way around, as when IBM built the PC AT and the high-density drives for it they apparently intentionally made the formats nearly identical. They're so close that computers that use 8 inch diskettes can typically be modified to run with 1.2MB HD 5.25 drives and media with only a new controller to drive cable and new drive power supply (8 inch drives typically take either AC mains power to run the spindle or 24VDC, and 5.25 drives take 12VDC to run the spindle). See http://nemesis.lonestar.org/co... for some tech info on how to do this with one of the first multiuser 'personal' computers, the Radio Shack TRS-80 Model 16 (and descendents the 16B and the 6000). Also see http://www.dbit.com/fdadap.htm... for the 'proper' adapter board.
8 inch diskettes are famously reliable with good quality media, and the bits aren't packed so densely that an EMP event will wipe them out, as long as they're in a faraday cage with sufficient attenuation and power handling capacity.
Current production high-density PC FDC's can easily handle the 8 inch drive with the proper adapter cable, but the number of supported formats is small. More flexible is the USB interfaced Kryoflux, and the PCI Catweasel MK3 and MK4 (the Kryoflux is currently in production and available for purchase; the Catweasels have been out of production for a while and are a bit difficult to obtain last I checked; I bought my MK4 from amigakit.com, but they appear to only have the Amiga-specific MK2's in stock.
to justify obsolete systems.
Wow, you just don't get it! Your remark implies that he is some sort of Luddite with the attitude of, "it worked for my grand pappy so it is good enough for me!"
What the man said is that they did a complete audit of the systems and given the requirements they determined that what they have is the most secure system they can come up with.
Your remark also implies that they should be all modern with a nice tomcat stack running php, python or god alone only knows what bit of Swiss cheese stack of cruft to control the very things that could quite easily turn this entire planet into a spinning ball of radioactive fire."
Hey KID! Yeah you, get the fuck off my lawn!
"Galactica is a reminder of a time when we were so frightened by our enemies that we literally looked backward for protection"
Show me on the 1st Amendment bobblehead where the moderator touched you...
Indeed. How long has it been since anyone manufactured 8" disks? Twenty years at least, I'd say. I inherited an old Tandy 6000 computer running Xenix which had an 8" drive back in the early 1990s, and I remember even then they were special order items. At that point high density 5.25" inch and 3.5" drives were coming into their own.
Not only are the floppies old, but the drives are old, and keeping old floppy drives going can be a pain.
The world's burning. Moped Jesus spotted on I50. Details at 11.
Hmmm.....
I know this is opening things up for lots of bad jokes..... but, it really boils down to whether the cookie's lubricant is still effective at allowing the cookie to spin to the correct RPM, +/- the FDC's tolerance. And that is dependent upon the storage conditions (mostly humidity) and the media quality. Being in a military application, this media is likely the most expensive made, if not the highest quality.
Yes, the actual magnetic media is called a 'cookie.' And the word 'cookie' is a bit more difficult to twist into a bad pun.....
If the dry lube used in the oxide coating on the cookie has become ineffective, then there will be a rather distinct screeching sound as oxide (and your data) flakes away. There are techniques to overcome this with bad media; however, back when 8 inch media was common it was also far higher quality that the cheap 5.25 media of the 80's was, and those 5.25 diskettes are the ones that have given my data recovery attempts the most difficulty.
This is way out of date. We need to put our missiles in The Cloud, and re-do the launch control UI so it looks pretty. Get on it right away, I expect nothing less than $10 billion spent for a non-working system. Boy though, the guy wearing the fedora will think it's the best thing in the world. It is good for him too. It'll pay off most of his student debt.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
Actually it is a pretty good one. Older equipment has been vetted for a good long time, and is generally simpler so there are fewer points where new vulnerabilities might exist. One of the reasons we have had so many security problems is the constant flow of new features being tacked on at every level combined with people wanting the technology to do so much more.
With tech from that erra, it is a lot easier to fabricate replacements from scratch then today. For that matter, more of it can be fixed as opposed to being integrated in such a way that your only option is to trash and replace.
No Skynet to launch Nuclear Missiles and start a machine vs human war :D
Out of my mind. Back in 5 mins.
This sounds a whole lot like security through obscurity. Not that obscurity isn't good if it makes things harder, but it would be a mistake to rely upon it in any way.
Given the agents you are trying to secure against - i.e. foreign governments - the resources to acquire and develop for 70s and 80s era equipment are easily obtainable.
If the technology being old leads to a lack of developers familiar with the equipment and software, it could quickly become a significant hindrance to good security.
Just let the Whale Saving Islamic Rainbow Commies for Jesus try and put a virus in my punch card deck!
Security through Obscurity, if it works for m$ IE, it'll work for one of the largest nuclear stock piles.
This is the US military. There's a very good chance they have a six acre warehouse full of eight inch floppy disks that's fully climate controlled and guarded by snipers and dogs.
I have a TRS-80 Model 4p at home that has two built-in 8" drives.
This guy is one of the greatest threats to the US Minuteman missile system.
Finally had enough. Come see us over at https://soylentnews.org/
I have a set of 8" Floppy drives that I can't give away! (DS-DD drives with a 1.2 MB capacity!) Post a reply if you want them (SE Wisconsin area)
USB or SATA hookup?
When our name is on the back of your car, we're behind you all the way!
Well, in my experience the good quality double-sided drives are more reliable as they age. The reason being is that a single-sided drive has a rather critical piece of felt as a pressure pad on the top surface, and those pads are notorious for the glue holding them to the head carriage drying out and causing them to fall off.
Double-sided drives, on the other hand, have an actual head on the top surface and those tend to stay put.
Its not security via obscurity because the real security doesn't rely on the lack of 8" floppies. The real protection is a) not being hooked up to the internet, b) lots of doors & guys with weapons standing between you and the control station. But I guess if some airforce commander throws a few bones to a dumb journalist and has a laugh about it back at the club with the boys, is that obscuring the real security?
Oh sure, you think we're that easy to fool? Trying to get us to use your 8" disks with hidden backdoors encoded in them? No thank you. We get all of our supplies from official channels, which source from the IBM division called Lenovo.
Maj. Gen. Jack Weinstein
Commander, U.S. Strategic Command
If you think I voted for Trump because of this post, you're wrong. I voted for Dr. Jill Stein of the Green Party. Again.
Where the bugs in the code are silverfish.
It's secure against a Stuxnet style sabotage attack, and secure against a remote hack. But hijacking a nuclear missile silo is a different type of mission.
You could likely simulate the entire system on a damn Arduino. On site, just open a panel, swap out a cable, bypass the whole control system.
Even if the floppies themselves contained some data or codes necessary to access/program the missiles (for example), given the low data densities, by modern standards the magnetic domains are the size of cows. You could easily jury-rig up a hand-held reader from commercial components and a bit of hard-hack know-how. And brute force decrypting anything from that era should be doable on a modern laptop.
Any custom system is safe, provided the enemy doesn't know how it works. But security-by-antiquity is a particularly bad example of security-by-obscurity given the likelihood of information leakage over time by people who didn't realise that their systems were still in use (particularly if they were never told what they were used for.) And chances are, your own intelligence people aren't even going to know what to listen for: "Yeah, just some hobbyists talking about early '70s computer technology. Disregard."
Science is all about firing a drunk pig out of a cannon just to see what happens.
Steam turbine with wooden cogs would be my guess.
Lost at C:>. Found at C.
You mean Ogre? I don't think that can actually physically destroy a plate:
http://wiw.org/~meta/vsum/view...
If you mean something else, I would be interested in hearing how it actually manages to change the head flying altitude...
" I would shutter any time I got a call from one of them"
Take a picture? Close your store?
50 pin Shugart would be the most useful, unless you really really need DEC RX01 or RX02.
I inherited an old Tandy 6000 computer running Xenix which had an 8" drive back in the early 1990s, and I remember even then they were special order items. At that point high density 5.25" inch and 3.5" drives were coming into their own.
By the early 1990's 5.25" floppy disks were antiquated and 3.5" had been the standard for some time.
You find it surprising to find that a fictional world is built to accommodate the plot set in it? Seriously, fiction is a very, very, bad way to evaluate things for the real world.
Disclaimer: While I don't play a nuclear weapons technician on TV, I was one in real life. (Fire Control Technician (Ballistic Missiles) Second Class (Submarines), USN Submarine Service 1981-1991.) I've worked with weapons system components (both installed and spare) that were years and decades old, and have studied the issues as a civilian as well.
Actually, there's a number of downsides, most of which should be obvious with a few minutes serious thought:
Etc..., etc...
The USAF claiming that older tech makes them more 'safe' is just making lemons into lemonade. (And the situation is mostly a product of how far the missiles are from being a priority.) Mostly, I evaluate the claims as a way to deflect attention from the number of serious incidents they've had recently and from their significant personnel problems.
It worked for Galactica.
The same as a world without lawyers...
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
Since it is secure via remote hack and secure again a USB drop, then your only remaining option is a local intrusion.
That is when the guys with guns come in handy, and the military is good at that. :)
Are places like Ft. Hood secure? No. Is a nuclear missile silo secure? I dam well hope so...
If not, then I'd agree there is a problem.
On site, just open a panel, swap out a cable, bypass the whole control system.
Just so you know, when you open that panel, you're dead. They have antipersonnel mines built in, in case of unauthorized access to the panel. ICBM security doesn't fuck around.
This is the sort of security that involves lethal countermeasures, and yes, they thought of that. That too. There were geeks involved in the planning, so that other thing you think is clever? Lethal countermeasures.
Socialism: a lie told by totalitarians and believed by fools.
I knew someone who used to work in the Blue Cube (air force base that monitored early warning systems) in the early 90s, and was told that they still used lots of PDPs, sat at metal desks, and other stuff from the 70s even though they were sitting in the heart of silicon valley.
Last I saw an 8" floppy was for the PDP-11 console that sat inside a VAX cabinet in order to help it boot up.
Now how to fix this stuff? During glasnost era I presume you could second source parts from USSR clones... You could replace the entire system and stick it on a chip and have it all done as a student project. But these computers weren't used as general purpose computers, a lot of the reasons they're kept around is because of a specific hardware interface to other equipment and because it requires people with high security clearances and a budget to design replacements (ie, no student projects). Probably a requirement too to be resistent to electromagnetic pulses which is a plus for a lot of older equipment.
that to mount a "man in the middle" attack, you need a horse and a lance.
if this is supposed to be a new economy, how come they still want my old fashioned money?
It may be possible for the primary missile console. It's in a vault, manned by two specially chosen and armed airmen who are authorised to shoot each other if their partner causes a problem, designed so that it's physically impossible for a single person to operate alone, etc etc. It wouldn't surprise me if they had actual honest-to-god booby-traps in the console itself.
When doing maintenance, you switch out missile ops to the second control room, send in bomb-techs to turn off the booby-traps, then and only then send in your console maintenance tech to replace the malfunctioning board/etc. All under continuous armed guard.
Science is all about firing a drunk pig out of a cannon just to see what happens.